CVE-2026-15921 | nvm-sh nvm up to 0.40.5 Alias File index.tab NVM_DIR path traversal

SecurityVulns

A vulnerability labeled as critical has been found in nvm-sh nvm up to 0.40.5. Affected is an unknown function of the file index.tab of the component Alias File Handler. Such manipulation of the argument NVM_DIR leads to relative path traversal.

This vulnerability is documented as CVE-2026-15921. The attack can be executed remotely. There is not any exploit available.VulDB Recent EntriesRead More